browser

The cybersecurity agency Moonlock Lab reports that crypto hackers have recently upgraded their "ClickFix" attack method, beginning to impersonate venture capital firms to contact target users through social platforms and lure them into executing malicious code to steal crypto assets.Attackers disguise themselves as fake venture capital firms such as SolidBit, MegaBit, and Lumax Capital, sending collaboration invitations via LinkedIn and guiding victims to fake Zoom or Google Meet meeting links. The pages embed a fake Cloudflare "I am not a robot" verification button, which, when clicked, copies malicious commands to the clipboard and tricks users into pasting and executing them in the terminal, thus completing the attack. Researchers point out that this method circumvents traditional security mechanisms by "making victims execute commands themselves."Meanwhile, hackers are also hijacking browser extensions to carry out attacks. John Tuckner, founder of cybersecurity company Annex Security, revealed that the Chrome extension QuickLens, after changing ownership on February 1, released a new version containing malicious scripts two weeks later, triggering ClickFix attacks and stealing user data. The extension had about 7,000 users and has since been removed from the store. Reports indicate that the hijacked extension scans crypto wallet data and mnemonic phrases, and scrapes Gmail content, YouTube channel data, and web login or payment information.

According to market news, Tempo has launched its mainnet browser, but it requires a password to access.Additionally, according to Polymarket, the probability of Tempo issuing tokens before the end of the year is currently reported at 69%.

GoPlus has launched a new feature in its browser extension, GoPredict, which provides event risk identification support for the prediction market Polymarket. GoPredict is based on the official Gamma API of Polymarket and conducts real-time risk analysis of market events from multiple dimensions, including event verifiability, market liquidity, and price volatility. It directly marks risk levels on the Polymarket event list page, helping users quickly identify potential high-risk events before placing bets, reducing the information asymmetry risk for ordinary users in the prediction market, and enhancing participation safety and decision-making efficiency.GoPredict is now available with the GoPlus browser extension, and users can download and experience it through the Chrome Web Store.

Trust Wallet posted on platform X that it is collaborating with Binance to provide a fast verification pathway for a specific group of users affected by the browser extension v2.68 incident, in order to simplify and expedite the compensation process.Binance.com users who deposited funds into the stolen wallet from their Binance accounts before December 24, 2025, can confirm ownership using their Binance accounts. Eligible affected users will receive an email notification from the Trust Wallet support team and will need to submit a verification video as instructed. Users who do not meet the fast verification criteria will continue with the original compensation process.

Trust Wallet posted on platform X that, as part of the reimbursement process, it has introduced a Customer Support Verification Code (CSVC) in the browser extension v2.71.0.Users can view this code by updating the browser extension and going to "Settings" - "Help & Support." This step is designed to confirm wallet ownership, streamline the verification process, and ensure that reimbursement funds are returned to the correct user. Trust Wallet reminds users to keep this code confidential and not to share it publicly.

Trust Wallet posted on X platform that the browser extension is now back on the Chrome Web Store. Additionally, version 2.71.0 has been released, which includes support for customer service verification codes to assist with the claims process.

Trust Wallet CEO Eowync.eth announced on the X platform the latest developments regarding the security incident of the browser extension v2.68, stating that the team has confirmed a total of 2,596 wallet addresses have been affected. Currently, approximately 5,000 compensation claims have been received, which include a large number of duplicate or invalid submissions attempting to fraudulently claim compensation for victims.He stated that accurately verifying wallet ownership is the core focus of the current work. The team is distinguishing between real victims and malicious submitters through multiple data cross-verification methods. The verification work is being conducted in parallel with the evidence collection investigation, and some cases have already formed clearer judgment conclusions, but the overall process is still ongoing.Eowync.eth emphasized that the impact of this incident on users has been fully recognized, and investigation and compensation are currently the highest priorities for Trust Wallet. The team will prioritize accuracy over speed, and will ensure that funds are safely returned to the correct users before promptly announcing further progress information, which is expected to be updated within the next day.

The founder of Slow Fog, Yu Xian, tweeted that the new version of the Trust Wallet browser extension has completely resolved the backdoor issue and no longer contains PostHog-related code. Previously, due to incorrect data from intelligence sources, it was mistakenly believed during analysis that PostHog had not been completely removed.PostHog is an open-source full-chain product analytics platform that can be used to collect various information for analysis. The Trust Wallet browser extension version 2.68.0 had a backdoor that utilized PostHog.

Trust Wallet has officially released a security alert, confirming that version 2.68 of the Trust Wallet browser extension has a security vulnerability. Users on version 2.68 should immediately disable the extension and upgrade to version 2.69 via the official Chrome Web Store link.Additionally, users who only use the mobile version and all other browser extension versions are not affected. The team is actively working on the issue and will share the latest updates as soon as possible.

AI-driven cryptocurrency browser DeepBook AI announces a $2 million investment, with participation from Castrum Capital, BD Ventures, Alpha Capital, and BlockPulse.DeepBook AI is a cryptocurrency browser that combines AI-driven discovery features with native DeFi and on-chain browsing, enabling users to better explore dApps, protocols, and crypto content.

According to CoinDesk, Donut Labs announced that it has completed a total financing of $22 million in Pre-seed and Seed rounds within six months of its establishment, with investments from Sequoia China, BITKRAFT, Makers Fund, Sky9 Capital, MPCi, Altos Ventures, Hack VC, and support from ecosystem leaders such as Solana, Sui, and Monad, as well as core team members from Jupiter, Drift, and Manifold Trading. The funding will be used to create the AI agentic browser Donut Browser, designed specifically for trading.Donut Labs stated that the company has garnered over 160,000 sign-ups in its first quarter. Donut completes signal discovery, risk assessment, strategy generation, and on-chain execution within the browser through multi-model orchestration and real-time feedback loops. The product matrix covers Chrome extensions, Web, mobile, and a full browser based on Chromium.CEO Chris Zhu stated that Donut aims to bring "personal AI quant traders in the browser" to every trader, reshaping the way users interact with the financial internet.

ChainCatcher news, according to The Block, the Bitcoin rewards app Lolli has acquired the browser extension Slice, which allows users to earn BTC while browsing the web.This acquisition will help enhance the earning potential for Lolli users. Currently, users can earn Bitcoin rewards when shopping online through partner retailers. Slice, on the other hand, rewards users for their "passive" online activities, such as scrolling through pages and streaming. Notably, this acquisition will also accelerate Lolli's adoption of the Lightning Network, enabling withdrawal features for Layer 2 networks.

ChainCatcher message, the Ethereum domain project ENS announces the launch of the ENS App and ENS Browser. The ENS App provides seamless domain registration and identity management for everyday users, while the ENS Browser offers ownership features and precise control for ecosystem builders.ENS officials state that it has now evolved into the identity infrastructure of Web3.

ChainCatcher news, the Web3 security organization BitsLab announced that it has completed the acquisition of the security browser plugin KEKKAI Plugin from the Japanese Web3 infrastructure company KEKKAI Labs, and has officially renamed it to BitsLab Safe.KEKKAI Labs is a Japanese tech team focused on Web3 security and infrastructure development, with its core product KEKKAI Plugin having a solid user base and high usage rate in the Asian market.BitsLab stated that this acquisition aims to expand its security capabilities from B-end services to C-end security. BitsLab will retain the original features of KEKKAI Plugin while introducing its own AI-driven security analysis and threat detection technology to expand and upgrade the product's functionality intelligently.It is reported that the renamed BitsLab Safe is a free browser security plugin aimed at ordinary users. Its core features include: automatically simulating the transaction process before executing transactions in the wallet, displaying results in advance, issuing warnings when dangerous contracts or malicious actions are detected, and providing phishing website protection and alerts. BitsLab plans to make this product an important part of its AI security ecosystem.Previously, BitsLab's main business focused on B-end services such as security audits, penetration testing, and vulnerability mining, having provided solutions for over 400 projects covering mainstream ecosystems like Sui, Aptos, TON, and Solana. This acquisition marks a strategic upgrade for BitsLab, aiming to build a complete security protection system "from underlying infrastructure to end users."

ChainCatcher news, at the Silicon Valley 101 x RootData annual summit held in Silicon Valley, Donut's Chief Operating Officer Darcy delivered a keynote speech, detailing Donut's product vision and design philosophy.Darcy explained that Donut aims to be the infrastructure connecting AI agents with the crypto world. It is not just a crypto browser but also a multi-agent trading framework and wallet automation platform, dedicated to becoming the unified execution front end for all future AI agents. She emphasized that this design will reshape the future form of trading order flow.It was introduced that Donut has built a complete automation framework for financial AI agents, enabling them to understand market price charts, formulate executable trading plans, and achieve automated trading and backtesting capabilities. Its unique "Radar" feature ensures real-time capture of market opportunities.

ChainCatcher message, the GoPlus browser security plugin now fully supports EIP-7702 detection features, providing stronger security protection for Web3 users.This update includes core features such as real-time risk alerts, advanced threat detection, and protection against malicious contracts, capable of instantly identifying and intercepting various attacks based on the EIP-7702 protocol during transactions. As one of the first platforms to focus on the security threats of this protocol, GoPlus recommends users update their extensions in a timely manner to arm themselves with the latest security tools and ensure asset safety.

ChainCatcher news, according to the official announcement, Binance will launch the Binance Wallet browser extension (Beta version) on August 26, 2025, allowing users to manage their crypto assets directly through desktop browsers and interact with Web3 applications.The extension uses Keyless (MPC) technology, enabling users to log in by scanning a QR code with the Binance App, eliminating the need to remember a mnemonic phrase, significantly reducing security risks.The extension supports multi-chain asset management for EVM, Solana, and TRON, and provides a risk warning feature. Currently, it only supports Chrome browsers, with more features to be released in future versions.

ChainCatcher news, according to the security company Brave Software, Perplexity AI has a browser named Comet that contains a serious security vulnerability. Attackers can embed hidden commands in web pages to trick the AI assistant into leaking users' private data, including emails and code.Brave researchers demonstrated that when users asked Comet to summarize a Reddit page containing hidden commands, the AI assistant executed those commands. Although Perplexity claims the issue was fixed before it was discovered and states that no user data was leaked, Brave insists that the vulnerability could still be exploited weeks after the fix and warns that Comet's design architecture makes it susceptible to further attacks. (Decrypt)